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systems, the server computer system 



1. In a networked environn lent, wherein one or more cHent computer systems 
make requests for information from a seirver computer system, the server computer system 
providing information in response to ti e requests from the one or more cHent computer 

laving one or more listen sockets and having a 
backlog queue for queuing connection requests that the server computer system cannot 
currently handle, a method of reducing denials of service even though the server computer 
system is experiencing a denial of serv ice attack, the method comprising: 

attempting a connection for each connection request received by the server 

: or more client computer systems; 
for each connection / request that the server computer system cannot 
currently handle, placing the connection request in a backlog queue; 
monitoring the backlog queue; 
determining that the backlog queue is being used; 

resetting one or m^re connection sockets upon notification that the backlog 
queue is being used. 



computer system from said on 



2. The method in accordance with Claim 1, fiirther comprising mapping each 
connection request to a corresponding listen socket. 



3. The method' in accordance with Claim 2, wherein each listen socket has a 
corresponding backlog queue. 
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request in a backlog queue comprii 



4. The method in accordance with Claim 3, wherein placing the connection 



es placing the request in the backlog queue 



corresponding to the listen socket that t^e connection request mapped to. 

5. The method in accordance with Claim 1, wherein attempting a connection 
for each connection request received by the server computer system from said one or more 
client computer systems is performed using a Winsock module. 

6. The method in accordance with Claim 1, wherein attempting a connection 
comprises calling a module /hat accepts connections and waits for request data before 
completing. 

7. The metho^ in accordance with Claim 6, wherein the module that accepts 
coimects and waits for request data before completing comprises a WinsockQAcceptExQ 
module. 

8. The i^ethod in accordance with Claim 1, wherein monitoring the backlog 
queue comprises cdling a module that scans at least the backlog queue for activity. 



9. Jhe method in accordance with Claim 8, wherein determining that the 
backlog quei/e is being used comprises detecting that the module that scans at least the 
backlog queue has retumed. 
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10. The method in accordance wit 




1 Claim 8, wherein the module that scans at 



least the backlog queue for activity comprisesja WinsockQselectO module 



11. The method in accordance with Claim 10, wherein determining that the 
backlog queue is being used comprises detecting that the WinsockQselectO module has 
retiuned. 



12. The method in accordance with Claim 1, wherein resetting one or more 
connection sockets upon notification that] the backlog queue is being used comprises the 
following: 

identifying any connection sockets that have connections but no received 
request data; and 

disconnecting the identified connection sockets. 

13. The method in accordance with Claim 12, wherein identifying any 
connection sockets that have connections but no received request data comprises the 
following: 

calling a module thkt identifies the state of the connection socket. 



14. The method m accordance with Claim 13, wherein the module that 
identifies the state of the connection socket comprises a WinsockQgetsockoptO module. 



15. 



The method in accordance with Claim 1, further comprising: 
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specifying a grace perioa between the time the backlog queue is determined 
to be used and the time one or more connection sockets are reset to allow the server 
computer system to empty/the backlog queue, wherein the resetting of the one or 
more connection sockets/is performed only if the backlog queue still has entries 
after the grace period. 



16. The method /in accordance with Claim 1, wherein attempting a connection 
for each connection request received by the server computer system from said one or more 
client computer systemsncomprises establishing a connection. 
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A computer program product 



for use in a networked environment, wherein 



one or more client computer systems make requests for information from a server 
computer system, the server computer system providing information in response to the 
requests from the one or more cUent computer systems, the server computer system having 



1 



one or more hsten sockets and having a backlog queue for queuing connection requests 
that the server computer system cannot /currently handle, a computer program product for 
implementing a method of reducing denials of service even though the server computer 
system is experiencing a denial of sewice attack, wherein the computer program product 
comprises computer-executable inspictions which, when executed by a processor, 
implements the following: 

attempting a connection for each connection request received by the server 
computer system from said one or more client computer systems; 

for each connection request that the server computer system cannot 
currently handle, placing the connection request in a backlog queue; 
monitoring the backlog queue; 
determining that the backlog queue is being used; 

resetting one pr more connection sockets upon notification that the backlog 
queue is being usedJ 



18. The conmuter program product in accordance with Claim 17, fiirther 
comprising computer-executable instructions for mapping each connection request to a 
corresponding listen socket, wherein each listen socket has a corresponding backlog queue. 
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<j 

19. The computer program product m accordance with Claim 17, wherein the 
computer-executable instructions for placing the connection request in a backlog queue 
comprise computer-executable instructions for placing the request in the backlog queue 
corresponding to the listen socket that the connection request mapped to. 

20. The computer program product in accordance with Claim 17, wherein the 
computer-executable instructions for attempting a connection for each connection request 
received by the server computer system from said one or more client computer systems 
comprises at least portions of a Winsock module. 

21. The computer program product in accordance with Claim 17, wherein the 
computer-executable instructions for resetting one or more connection sockets upon 
notification that the backlog queue is being used comprise computer-executable 
instructions for performing the following: 

identifying any connection sockets that have connections but no received 
request data; / 

disconneoting the identified connection sockets. 

22. The computer program product in accordance with Claim 17, fiirther 
comprising compute/executable instructions for performing the following: 

specifying a grace period between the time the backlog queue is determined 
to be used And the time one or more connection sockets are reset to allow the server 
computey system to empty the backlog queue, wherein the resetting of the one or 
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more connection sockets is performed only if the backlog queue still has entries 
after the grace period. 



23. The computer program product in accordance with Claim 17, wherein the 
computer-executable instructions for attempting a connection for each connection request 
received by the server from said one or more clients comprise computer-executable 
instructions for establishing a connection. 
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M. In a networked environment, wherein one or more client computer systems 
make requests for information from a server computer system, the server computer system 
providing information in response to the requests /from the one or more cHent computer 
systems, the server computer system having one or more listen sockets, each listen socket 



having a backlog queue for queuing connection requests that the server computer system 
cannot currently handle, a method of reducing c enials of service even though the server 



computer system is experiencing a denial of servi 



e attack, the method comprising: 



attempting a connection for each connection request received by the server 
computer system from said one or pore client computer systems using a 
WinsockQAcceptExQ module; 

mapping each connection request to a corresponding listen socket; 

for each connection request/ that the server computer system cannot 
currently handle, placing the connection request in the backlog queue 
corresponding to the listen socket that the connection request mapped to; 

monitoring the backlog queue using a Winsock()select() module; 

determining that the bacWlog queue is being used by detecting that the 
WinsockQselectO module has remmed; 

identifying any connecnon sockets that have connections but no received 
request data using a Winsock0getsockoptO module; and 

disconnecting the identified connection sockets. 



25. The method in accordance with Claim 24, further comprising: 

specifying a grace period between the time the backlog queue is determined 
to be used and the time the identified connection sockets are disconnected, wherein 
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